Job postings used as deceitful means to siphon Russians' funds by unscrupulous individuals.
Head's Up: Be Vigilant Against Cyber Scams Hiding in Job Postings!
📸 Source: Shutterstock
Cybercriminals never fail to outdo themselves in finding creative ways to deceive us. A new scheme, recently unveiled by F6, a leading cybersecurity firm, has been targeting IT specialists and anyone else who can't resist the allure of extra cash. But don't let your guard down, here's what you need to know!
These scammers post job listings as app testers on various platforms, using stolen accounts. They pretend to be from big-name companies offering 3 to 5 thousand rubles an hour. All you need is a Russian citizenship and an Android phone. Sounds too good to be true? You're right!
Once you show interest, they'll direct you to chat on messengers for further communication. The conversations often take place with a seemingly legitimate manager, complete with a professional picture. These sleuths then ask for sensitive personal information like full name, phone number, date of birth, and even your bank card number, claiming it's for salary transfers. Without thinking twice, many folks fall for this trap. As soon as they're hired, the scammers provide a 'task': test an app by downloading an APK file, registering, and checking features.
While you're busy celebrating your new gig, the scammers are busy emptying your bank account. Downloading the APK file gives them access to your device, enabling them to transfer money to their own accounts and even take out loans. Since April of this year, over 1000 people have fallen victim to this scam, losing a staggering 14 million rubles![1]
Cybersecurity 101: Protect Yourself from Mamont Malware
Dmitry Kalinin, a cybersecurity expert at "Kaspersky Lab", warns that this scheme likely uses Mamont malware – an active cyber threat for Russian users. Mamont can gain access to SMS and push notifications on an infected Android device, allowing it to steal your funds through SMS banking and even intercept Telegram account codes.[2]
To safeguard yourself from Mamont and similar threats:
- Avoid clicking on links or downloading files from strangers.
- Only download apps from official stores –Google Play or Apple App Store.
- Regularly update your devices and apps.
- Install a reputable antivirus software.
More Reading:
- Insider's Guide to Common Summer Scams and How They Steal Your Money
- Pay Attention: Police Warns Russians About New Scam Schemes
[1] Source: [Article][2] Source: [SecureAPlus Blog] "Unmasking Mamont: The Rise of a New Banking Trojan Threat"[3] Source: [SecureAPlus Blog] "How to Stay Safe Against Banking Trojans: Essential Tips and Best Practices"
- Be wary of job listings, especially those offering lucrative pay for simple app testing tasks, as they might be part of a scam using Mamont malware to gain access to your personal information and bank accounts.
- practicing vigilance by avoiding onClicking links or downloading files from strangers, only downloading apps from official stores, regularly updating devices and apps, and installing a reputable antivirus software can help protect you from such threats in the realm of technology and general-news, as well as crime-and-justice.
